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© Aeeeaeeoffttrel equipment 

S) Acceaa control equipment comprises en Interrogation unit 
(TD) havhg means (14) for emitting art interrogation signal, and 
e plurality of transponders (e.g. T), eich transponder havfng a 
etored Identity code different from that of tfw other transport- 
dara. Thto Identity code comprises a plurality of fields each 
holding a selected information bit. The Interrogation signal Is 
controlled eo «s simultaneously to Interrogate the flelde of all 
transponders within range in a serial manner. A group reply 
signal la sent back to the interrogation unit from any 
transponder havmg, In the field being interrogated, a bit 
matching that required by the Interrogation signal The 
interrogation unit is arranged to determiner from the serine of 
received reply signals, the Identity of each and every valid 
transponder within range. 




FIGL1. 




9 



12/0.5/2004 19:40 FAX 319 369 3630 



INTER NEC TECHNOLOGIES 



1011/022 



Deecrlption 



ACCESS CONTROL EQUIPMENT 



The present Invention concerns access control 
equipment, that is electronic equipment designed to 
restrict unauthorised access to stored or trans- 5 
mitted data or to secure premises. 

The control of such access Is frequently afforded 
by the use of an Interrogation unit and e transpon- 
der. At its simplest, the Interrogation unit transmits 
an enquiry signal which may be received by any 10 
transponder within Its range. The transponder Is 
designed to modify the received signal In a predeter- 
mined manner end then retransmits the modified 
signal for reception by the Interrogation unit. The 
modifying of the signal may be such as simply to 15 
distinguish between any "authorised' transponder 
and an unauthorised one or may be characteristic of 
the specific transponder alone* In which latter case 
the modified signal received by the interrogation unit 
Identifies that transponder and no Other. 20 

Thus, If the transponder is carried by a person, 
vehlde, animal or piece of equipment then the 
Interrogation unit Is enabled to permit or reject 
access of a epeclflc person or vehicle to controlled 
premises or to oontrol access of a person or 2$ 
equipment to stored data. For example, when the 
equipment is capable of receiving transmitted data, 
tt may be permitted to do so only when It has been 
Identified or authorised by a correou> responding 
transponder. 30 

Many systems of operating such equipment are 
known. For example, the Interrogation unit may 
permanently or at Intervals create a signal or Held 
that will cause any transponder within range to 
Identify Itself. In a second system, any transponder 35 
coming within range wl]f be caused to transmit an 
Identifying signal to the Interrogation unit. In a further 
alternative a transmission Is Initiated from the 
transponder and the Interrogation unit processes 
the information so conveyed. *0 

In such systems there Is generally no problem In 
making a positive Identification of a particular 
transponder, so long as that transponder Is the only 
one within range of the Interrogation unit, or the only 
one signalling ths Interrogation unit at a given time. 4$ 
Unless one of these criteria Is met, then there can be 
difficulties In resolving the signals from the respon- 
ded. 

A further difficulty arises when the system 
protocol Is such as to causa a transponder to SO 
transmit Its same Identifying signs) more than once 
whan traversing any Interrogation field, Unuer these 
circumstances, the signal could be monitored by an 
unauthorised person, and thereafter reproduced In 
order to gain Illicit acces$. & 

The present Invention seeks to avoid these 
difficultly 

In accordance with this Invention, there Is pro* 
vided access control equipment comprising an 
interrogation unit having means for emitting an B0 
Interrogation signal, and a plurality of transponders 
having means for receiving the Interrogation signal, 
each transponder having a stored identity code 



different from that of the other transponders, the 
Identity code comprising > plurality of fields each 
holding an information bit selected from a plurality of 
possible bits, means for controlling the interrogation 
signal so that it simultaneously interrogates the 
fields of ell transponders within range In a serial 
manner, means for sending a group reply signal to 
ths Interrogation unit from any transponder having in 
the field being interrogated a bit matching that 
required by the Interrogation signal, and means in 
the Interrogation unit for converting the series of 
group reply signals to the encrypted Identification 
codes of those transponders within range. 

It will bs seen that the equipment can operate 
irrespective of the number of transponders within 
range. The interrogation unit will analyse the series 
of group repfy signals and will be Informed by those 
signals of the Identity codes of those transponders 
present. The responses are thus unable to Interfere, 
and there Is clear resolution of the signals. Further- 
more, It will be appreciated that a transponder only 
transmits an Identity code once in one whole 
Interrogation sequence. Further Interrogation re- 
quires a different Identity code from the same 
transponder thus rendering it extremely difficult for 
an unauthorised person successfully to monitor and 
decipher that code. During most of the sequence 
each transponder simply sends a group reply signal. 

Preferably each Identity code Is a binary word, 
each field comprising one bit, either 0 or 1. Other 
oodes could be used, but binary Is clearly the 
simplest. The Interrogation and response sequence 
is preferably computer controlled, both in ths 
Interrogation unit and In the transponder, and binary 
Identity logio obviously simplifies SUOh control* 

All responders sending a group reply signal In 
response to Interrogation of a particular field will do 
so simultaneously, desirably with an Identical signal, 
It would be possible to have the respondere reply 
serially, each with a different elgnai falling within a 
group but tWs Is not as rapid a method as 
simultaneous reply. 

When binary logic Is used, the transponders are 
effectively divided Into classes and sets, and the 
interrogation Is effectively a binary tree search. 

An embodiment of this Invention will now be 
described by way of example only and with reference 
to the accompanying drawings. In which: 

FIGURE 1 1s a diagrammatic block diagram of 
access control equipment, showing an interro- 
gation unit and one of a plurality of transpon- 
ders of the equipment; 

FIGURE 2 is a diagram to illustrate a tree 
search fbrm of the interrogation process where 
only one transponder le present in the field of 
the interrogation unit: 

FIGURE 3 is a similar diagram to Illustrate the 
tree search when two transponders are pres- 
ent; 

FIGURE 4 Ts ft diagram to Illustrate the oata 
exchange for a 16-bit Identifying code of the 
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transporter; 
FIGURE 5 Is a similar diagram to Illustrate the 

data exchange whin a new IQ-bit seed is 

transmitted on each search; end 
FIGURE 6 Is a similar diagram out where the $ 

transponder is arranged to return a hidden 

transponder code at the end of the search. 
Referring to Figure 1. there Is shown an access 
control equipment comprising an interrogation unit 
IU and a plurality of transponders, which may be In 10 
the form of tags, one onty being shown at T. The 
interrogation unit III comprises a microprocessor 10 
one function of which Is to generate interrogation 
signals and apply these to a pulse length modulator 
12, which applies the modulated signals to a 75 
transmitter 14. The transmitter Includes a coil for 
inductively coupling with a coll of a receiver 20 of the 
transponder or tag T. Receiver 20 of the transponder 
applies its received signal to a demodulator 22, the 
demodulated signal being applied to a mlcroproces- so 
sor 24. This la able to refer to a memory 26 
containing an Identffyrng coda of the transponder. 
The microprocessor 24 determines when a reply is 
to be made, In which case It provides a reply signal to 
s phase ehfft mod Ulster 28 driving a transmitter 30, A 25 
coll Of this transmitter is Inductively coupled with a 
col! of a receiver 16 of the Interrogation unit and a 
demodulator 18 serves to recover the reply signal 
and pass this to the microprocessor 10 of the 
interrogation unit for decoding and Identifying tha 30 
transponder or transponders within range, The 
transmitting channel from the Interrogation unit to 
the transponders may typically operate at 132 kHz 
and the reply channel may typically oparate at 68 
kHz. 35 

The Identifying code of each transponder may 
simply comprise a binary word. In use, the Interroga* 
tlon unit conducts a search by simultaneously 
interrogating the bits of all transponders within 
range In a serial manner. If any one or more 4Q 
transponders within range has a bit of predeter- 
mined value (e.g. 1) at the Interrogated position In 
the binary word* that transponder (or those trans- 
ponders) will transmit a reply simply to Indicate this. 
Then the search proceeds by Interrogating another 45 
position In the binary word to see If any transponder 
within range has a bit of predetermined value at that 
position, and so on. By decoding the reply signals 
received from this, succession of Interrogations, the 
microprocessor 10 In the Interrogation unit can so 
determine the Identifying code of each transponder 
which Is within range. 

The interrogation process may take the form of a 
binary tree search. For axwnpi«, in Figure 2 a singla 
transponder with code 6 Is assumed to be present, 55 
The Identlflciation commences by enquiring whether 
the transponder is a member of set (1.2,3*4) or set 
(5,6,7.8), The transponder responds to the latter and 
sends a first group reply signal. At level two of tne 
search tha choice Is between (5,6) or (7,8) and (5,6) SO 
is Identified whereupon a second group reply signal 
Is sent. Finally, the transponder is recognised as (5) 
after the sending of a third group reply signal and 
analysis by the interrogation unit. It may be conveni- 
ent to regard the transponder identity ae a binary es 
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number and each level of the search establishing i 
bit of the number. An n-blt number requires an 
n-levei search and can Identify 1 of T transponders. 

Only one Interrogation is actually needed to 
establish to which set a single transponder belongs 
to each level. So n levels naad n interrogations. Even 
for email n the search time is better than or 
equivalent to a simple polling of every single 
transponder Identity code, but for higher values of n 
the saving becomes very large. For example, 
Identification of 1 transponder from 65538 Is 
possible with just 18 interrogations, 

The simple search outlined above for a single 
transponder needs to be modified ft multiple trans- 
ponders are present. Every member of a set must 
respond to the IU whan Interrogated, Thfe has three 
implications. 

(a) If more than one member of a set is 
present all will respond. To avoid conflict they 
must either send IdentloaJ replies simulta- 
neously (so that the IU seas only one effective 
reply) or they may send different replies In 
sequence. The former is faster and does not 
require any timing or arbitration scheme. 

(b) One or more transponders may bs 
present In both sets at a tree level. It Is than 
nsceseary to have two effective Interrogations 
at each level Instead of the single Interrogation 
which was adequate for the single transponder 
case. 

(c) The IU must remember when members of 
both sets at a given level are present and 
search both branohes of the tree from that 
mode to Identify all the transponders present. 
Figure 8 shows a possible search route for the 
case where both transponder 5 and transpon- 
der 8 are present. 

The simplest (and fastest) tree search requires 
that the IU sends an Interrogation data word whose 
length Is the minimum needed to Identity the search 
level At level 1 only 1 bit Is needed. Level 2 neads 2 
bits etc. The final level requires an n-btt word. 

In principle the reply need only be a 1-bft word ai 
any and every level. However rt Is preferable for the 
transponder to do some processing of the Incoming 
data and a 4-blt reply Is a suitable compromise 
between speed and oompiexfty. Very little time can 
be allowed between receipt of tha incoming data and 
the appropriate reply to avotd Impeding the search 
and a simple pseudo-random sequence generation 
process yielding the 4-bit reply Is an adequate 
compromise between spaed and security at this 
stage. This form of data exchange Is shown In 
Figure 4 for the example of a 18-blt tag code. 

For security K Is desirable that the transponder 
repilaa differ on successive searches. A simple way 
of ensuring this Is to provide a new seed for the 
pseudo-random sequence generation at the begin- 
ning of each search. The eeed would be generated 
by the IU (and could itself ba part of a pseudo-ran- 
dom sequence). Transmission of (say) a 18-blt seed 
can replace the 1st level interrogation. This word can 
also be used as a synchronising signal to the 
traneponder(e) tor the start of a search, 

The search pattern then becomes as shown In 
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Figure 5. Note that the Interrogation words tor levels 
2-16 can be reduced by 1 bit. 

The transponder Identity code revealed by the tree 
9earch Is not In Itself secure. It (or something 
equivalent to It) could possibly be deduced from a 
study of the search pattern and the corresponding 
replies. The security at this stage comes from the 
correct electronic and numerical forms of the replies 
and their relation to the Interrogation data a9 
determined by the transponder processor program. 
This Is effectively the group reply signals and the 
code may be termed the public transponder Identity 
eode. 

Further security le provided by a verification 
procedure In which a transponder replies to the final 
Interrogation with a 16-blt reply (say) generated from 
the seed provided at the beginning of the search and 
an Internally stored outridden 1 B-bit coda (say) and 
poaslbly from the public transponder Identity code. 
According to the stored algorithm this can only 
occur at the lest search level because only then can 
no more than one transponder reply at a time. 

The hidden code Is derived from the public 
transponder code end a system key or code by eny 
suitable algorithm. The IU could then regenerate the 
proper hidden code (and the appropriate transpon- 
der Identified by the search. 

The use of a key In the latter method allows 
customising a transponder est to a particular 
Installation- For example. If the key Is a 16-brt number 
then the total effective transponder code becomes 
32 bits l-e. 4 X 10* different transponder Identities. 
(85S38 transponders In each of 65538 Inetallatlona). 

Figure 6 Shows the Information exchange for a 
typical single transponder search Including the Initial 
seed transmission and the final hidden transponder 
Identity verification. The total data transmission to 
the transponder In this example requires 136 bits 
and the replies ne«a 152 bits In this case. 

The public and hidden transponder identities are 
held In the memory 26 of each transponder and are 
programmable. An initial powar-up during manufac- 
ture, the Identity codes win be set to some known 
values. 

Programming after manufacture, and at any 
subsequent time, may be accomplished by transmit* 
ting the new Identity codes to a transponder using 
an extension of the data exchange protocol outlined 
above. 

For security reasons the programming messages 
are only accepted by a transponder Immediately 
following a successful search and verification proce- 
dure and must contain sufficient error detection to 
avoid false programming. 

The transponders utilised in the Invention are 
desirably encapsulated transponders as described 
in QB-A-2164825. but utilising either a microchip 
processor and memory or customised large scale 
Integrated circuits Instead of the logic elements 
shown In that document. Each transponder may or, 
may not Incorporate Us own battery, but if a battery 
Is incorporated the transponder Is capable of 
switching from and to a standby, power conserving 
mode In response to the pressnce or absence of a 
signal from ths Interrogation unit. 
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It will be appreciated that tn the equipment 
described, the interrogation unit uniquely Identifies 
each and every valid transponder present within the 
range during one complete interrogation cycle. 
Preferably, as described above, the transponder 
reply signals differ on successive Interrogation 
cycles and on successive search steps within each 
oyoia, being encrypted according to a different 
control code (the seed) transmitted at the beginning 
of each cycle. 



Claims 



1. Access control equipment comprising an 
Interrogation unit having means for emitting an 
Interrogation signal, and a plurality of transpon- 
ders having means for receiving the Interroga- 
tion signal, each transponder having a stored 
Identity code different from that of the other 
transponders, the Identity code comprising a 
plurality of fields each holding an Information bit 
selected from a plurality of possible bits, means 
for controlling the Interrogation signal eo that It 
simultaneously interrogates the fields of all 
transponders within range In a serial manner, 
means for sending a group reply signal to the 
Interrogation unit from any transponder having 
in the field been Interrogated a bit matching that 
required by the interrogation signal, and means 
In the Interrogation unit for converting the 
series of group reply signals to the encrypted 
Identification codes of those transponders 
within range- 

2* Access control equipment as claimed In 
claim 1, In which the transponder reply signals 
differ on and during successive searches and 
are encrypted according to a different control 
code transmitted by the Interrogation unit at the 
beginning of each Interrogation cycle. 

a. Access control equipment as claimed In 
claim 2, in which a valid transponder within 
range of the interrogation unit replies to tte final 
Interrogation step with en encoded signal 
generated from the control code transmitted at 
the beginning of the interrogation cycle and 
from a further identification code and an 
algorithm both held by the transponder. 



12/Q5/2004 19:42 FAX 319 369 3630 INTERMEC TECHNOLOGIES ©014/022 



0285419 




12/05/2004 19:42 FAX 319 369 3830 



INTERMEC TECHNOLOGIES 



0285419 



©015/022 



1 2 3 4 5 6 7 8 
FIG. 2. 
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